Bug 1496760 - openshift_health_check is doing "docker_storage" against a NFS host
Summary: openshift_health_check is doing "docker_storage" against a NFS host
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: OpenShift Container Platform
Classification: Red Hat
Component: Installer
Version: 3.7.0
Hardware: Unspecified
OS: Unspecified
medium
medium
Target Milestone: ---
: 3.7.0
Assignee: Luke Meyer
QA Contact: Johnny Liu
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2017-09-28 10:11 UTC by Johnny Liu
Modified: 2017-11-28 22:13 UTC (History)
3 users (show)

Fixed In Version:
Doc Type: No Doc Update
Doc Text:
undefined
Clone Of:
Environment:
Last Closed: 2017-11-28 22:13:20 UTC
Target Upstream Version:
Embargoed:

Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Red Hat Product Errata RHSA-2017:3188 0 normal SHIPPED_LIVE Moderate: Red Hat OpenShift Container Platform 3.7 security, bug, and enhancement update 2017-11-29 02:34:54 UTC

Description Johnny Liu 2017-09-28 10:11:06 UTC 
Description of problem:
see the following details

Version-Release number of the following components:
openshift-ansible-3.7.0-0.128.0.git.0.89dcad2.el7.noarch
ansible 2.3

How reproducible:
Always

Steps to Reproduce:
1. prepare inventory host including a NFS host
2. trigger installation
3.

Actual results:
<--snip-->
CHECK [disk_availability : ec2-54-236-253-253.compute-1.amazonaws.com] *********

CHECK [package_availability : ec2-54-236-253-253.compute-1.amazonaws.com] ******

CHECK [package_version : ec2-54-236-253-253.compute-1.amazonaws.com] ***********

CHECK [docker_image_availability : ec2-54-236-253-253.compute-1.amazonaws.com] ***

CHECK [memory_availability : ec2-54-236-253-253.compute-1.amazonaws.com] *******
fatal: [ec2-54-236-253-253.compute-1.amazonaws.com]: FAILED! => {"changed": false, "checks": {"disk_availability": {"skipped": true, "skipped_reason": "Not active for this host"}, "docker_image_availability": {}, "docker_storage": {"failed": true, "failures": [["OpenShiftCheckException", "Use of loopback devices with the Docker devicemapper storage driver\n(the default storage configuration) is unsupported in production.\nPlease use docker-storage-setup to configure a backing storage volume.\nSee http://red.ht/2rNperO for further information."]], "msg": "Use of loopback devices with the Docker devicemapper storage driver\n(the default storage configuration) is unsupported in production.\nPlease use docker-storage-setup to configure a backing storage volume.\nSee http://red.ht/2rNperO for further information."}, "memory_availability": {"skipped": true, "skipped_reason": "Not active for this host"}, "package_availability": {"skipped": true, "skipped_reason": "Not active for this host"}, "package_version": {"skipped": true, "skipped_reason": "Not active for this host"}}, "failed": true, "msg": "One or more checks failed", "playbook_context": "install"}
<--snip-->
Failure summary:


  1. Hosts:    ec2-54-236-253-253.compute-1.amazonaws.com
     Play:     Verify Requirements
     Task:     openshift_health_check
     Message:  One or more checks failed
     Details:  check "docker_storage":
               Use of loopback devices with the Docker devicemapper storage driver
               (the default storage configuration) is unsupported in production.
               Please use docker-storage-setup to configure a backing storage volume.
               See http://red.ht/2rNperO for further information.

Expected results:
health check should not do "docker_storage" against a NFS host


Additional info:
Please attach logs from ansible-playbook with the -vvv flag
Comment 2 Luke Meyer 2017-10-03 21:14:40 UTC 
The short story is that with containerized=true in your inventory, openshift-ansible will treat every host as if it needs docker installed, even if it's nfs or lb. If you mark the individual hosts that do not need this with containerized=false then this will not happen.

This is true of the docker role, independently of this check (I see you reported 
https://bugzilla.redhat.com/show_bug.cgi?id=1497144 which is possibly a duplicate of https://bugzilla.redhat.com/show_bug.cgi?id=1429371) so you could argue that the check is correct.

Really, though, the logic should be such that we never do anything with docker on systems for components that can't be containerized. And for that matter, for this inventory, the logic needs to take into account that containerized components should be a system container anyway and not rely on docker. So there is a bug here, it should be improved. Ideally the logic would go in the docker role and the docker checks would just consult the outcome to determine whether and how to run.
Comment 3 Luke Meyer 2017-10-05 02:27:12 UTC 
https://github.com/openshift/openshift-ansible/pull/5658

(Note, https://github.com/openshift/openshift-ansible/pull/5636 fixes the installer logic)
Comment 4 openshift-github-bot 2017-10-05 09:11:31 UTC 
Commit pushed to master at https://github.com/openshift/openshift-ansible

https://github.com/openshift/openshift-ansible/commit/776b0d9478d92c11c5dd285c758ffae668674f8e
openshift_checks: lb and nfs do not need docker

fixes bug 1496760
https://bugzilla.redhat.com/show_bug.cgi?id=1496760
Comment 6 Johnny Liu 2017-10-12 09:57:32 UTC 
Verified this bug with openshift-ansible-3.7.0-0.148.0.git.0.b35eb14.el7.noarch, and PASS.


Trigger a containerized install with global containerized=true in inventory host file, the env is including 1 master + 1 node +  1 nfs, no "docker_storage" health_check is run against NFS host.
Comment 10 errata-xmlrpc 2017-11-28 22:13:20 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHSA-2017:3188
Note You need to log in before you can comment on or make changes to this bug.